Post on 22-May-2020
transcript
The simplicity of a public cloud in your own data centre
Azure Stack
David.Biot@xylos.com @davidbiot www.linkedin.com/in/davidbiot
David Biot, Competence Center Lead IT Lifecycle Management
“Digital is the 4th industrial revolution”
Cloud transformation
From the traditional model: tight coupling between infrastructure and apps; expensive, vertically integrated hardware; siloed infrastructure and operations; highly customized processes and configurations
To the cloud model: loosely coupled apps and micro-services; industry-standard hardware; service-focused DevOps; standardized processes and configurations
Traditional model (Servers)
• Dedicated infrastructure for each application
• Custom hardware
• Distinct infrastructure and operations teams
• Customized processes and configurations
Cloud model (Services)
• Loosely coupled apps and micro-services
• Industry-standard hardware
• Service-focused DevOps teams
• Standardized processes and configurations
Cloud is a new way to think about your datacenter
Cloud is a model, not just a place: Public | Hosted | Private
Evolution of Windows Server
Server for the Masses → Enterprise Servers → Datacenter Servers → Cloud Servers
(chart axes: Performance, Reliability, Flexibility, Security)
WS2016 Hyper-V – Delivering more of Everything
Hot add and remove VM memory
Hot add and remove VM virtual network
Online storage resize (Guest Clustering w/ Shared VHDX)
Production checkpoints
Cluster OS Rolling Upgrade
Mixed OS Mode cluster
VM resiliency
Fault domain-aware clusters
Storage QoS
Broad Linux support
Virtual machine compatibility mode
VM services model (Integration Services via Windows Update)
Stretched clusters (Storage Replica)
Workgroup and multi-domain cluster
Cloud Witness
Diagnostic improvements
Virtual Machine multi-queue (VMMQ)
Node Fairness
SMB Multi-channel and Multi-NIC
Beast VM
RDMA and converged networking
High performance live migration
Credential Guard
Just-in-Time administration
Just-Enough-Administration
Shielded VM
vTPM
Device Guard
Datacenter Network (diagram): Compute/Storage & ToR switches, Spine switches/routers, Fixed-function physical appliances, Edge routers
Hyper-converged with Storage Spaces Direct (diagram): each virtualization and storage host runs Virtual Machines and the Storage Software; compute + storage on the same node gives lower cost storage
Low cost Disaster Recovery (diagram): Storage Software replicating between Site A and Site B
Componentization: The right configuration for the task
• Nano Server (just enough OS): optimized for cloud infrastructure & next-gen distributed applications; containers and next-gen applications
• Server Core: lower maintenance server environment; traditional VM workloads
• Server and Desktop: specialized workloads; third-party applications; RDS experience
Nano Server installation option: Just enough OS
• Different, yet familiar
• Reduced attack surface and servicing requirements
• Full Windows Server PnP driver support
• Antimalware optional package
• System Center VMM and OM agents available
(Charts: Disk Footprint (GB) 5.42 vs 0.460, and Ports open 30 vs 12, for two unlabelled series; the smaller values are consistent with the reduced footprint and attack surface claimed for Nano Server above.)
Nano Server – PowerShell Core
• PowerShell V5: DSC+++, Security+++, Classes, PowerShell Gallery, VS Code
• Refactored to run on .NET Core
• Full PowerShell language compatibility & remoting; cmdlets need to work with .NET Core
• OpenSSH support
• PowerShell open sourced on GitHub with an MIT license
Desired State Configuration
• Cloud scale configuration management: declare the state of a server (e.g. User X should exist & be a member of the Administrators group)
• Apply expert knowledge as common tasks, easier than scripting
• DSC is the platform; works in collaboration with the DevOps tool chain (Chef, Puppet, etc.)
• Windows 2008 R2 and later, and Linux via OMI
• Open source DSC Resource Kit (302 resources): https://gallery.technet.microsoft.com/scriptcenter/DSC-Resource-Kit-All-c449312d
• DSC Overview: https://msdn.microsoft.com/en-us/powershell/dsc/overview
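The "declare the state of a server" bullet above, written out as a DSC configuration. This is an added example, not code from the deck or from Microsoft: the user name svc-ops, the certificate path C:\DscCerts\localhost.cer and the output path are assumptions. The point a practitioner should take from it is that the compiled MOF carries the credential, so the configuration data must reference the target node's DSC certificate; the shortcut of PSDscAllowPlainTextPassword = $true writes the password into the MOF in clear text.

```powershell
# Added example, not from the deck: a DSC configuration for "User X should exist
# and be a member of the Administrators group". User name, certificate path and
# output path are assumptions.
Configuration LocalAdminBaseline {
    param(
        [Parameter(Mandatory)] [string]       $UserName,
        [Parameter(Mandatory)] [PSCredential] $Credential
    )
    Import-DscResource -ModuleName PSDesiredStateConfiguration

    Node $AllNodes.NodeName {
        User DeclaredUser {
            UserName             = $UserName
            Password             = $Credential
            Ensure               = 'Present'
            PasswordNeverExpires = $false
            Disabled             = $false
        }
        Group LocalAdministrators {
            GroupName        = 'Administrators'
            Ensure           = 'Present'
            # MembersToInclude adds without removing others; use Members to enforce the exact list.
            MembersToInclude = @($UserName)
            DependsOn        = '[User]DeclaredUser'
        }
    }
}

# The MOF contains the password, so encrypt it with the target node's DSC certificate
# (public key exported beforehand; path is an assumption). The insecure alternative,
# PSDscAllowPlainTextPassword = $true, writes the password into the MOF in clear text.
$certFile   = 'C:\DscCerts\localhost.cer'
$configData = @{
    AllNodes = @(
        @{
            NodeName        = 'localhost'
            CertificateFile = $certFile
            Thumbprint      = (Get-PfxCertificate -FilePath $certFile).Thumbprint
        }
    )
}

$cred = Get-Credential -UserName 'svc-ops' -Message 'Password for the declared local user'
LocalAdminBaseline -UserName 'svc-ops' -Credential $cred `
    -ConfigurationData $configData -OutputPath 'C:\Dsc\LocalAdminBaseline' | Out-Null

# Apply, then re-check. Test-DscConfiguration reports InDesiredState = $false whenever
# the node has drifted (user removed, group membership changed): the declared state,
# not a one-off script, is what gets enforced.
Start-DscConfiguration -Path 'C:\Dsc\LocalAdminBaseline' -Wait -Verbose -Force
Test-DscConfiguration -Detailed | Select-Object InDesiredState, ResourcesNotInDesiredState
```

For the decryption to work the node's Local Configuration Manager must hold the private key of that certificate (set via Set-DscLocalConfigurationManager with a CertificateID); pushing this MOF to a node without it fails rather than falling back to plain text, which is the behaviour you want.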
Containers
Containers = operating system virtualization; traditional virtual machines = hardware virtualization
• Windows Server Containers: maximum speed and density. All containers on a host share one kernel.
• Hyper-V Containers: isolation plus performance. Each container runs its applications on its own kernel inside a lightweight VM.
PackageManagement Architecture
End user → PackageManagement PowerShell cmdlets → PackageManagement Core (Discovery, Install/Uninstall, Inventory) → PackageManagement Providers → Package Sources
• Providers: Windows Server App (WSA), PowerShellGet, Windows Container, NuGet, NanoServerPackage, …
• Package Sources: WSA Package Repository…, PowerShell Gallery, Container Gallery, Docker, NuGet Gallery …, www.NPMjs.com, WordPress, …
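The provider/source layering above is also where a module's supply chain is decided: whichever source the PowerShellGet provider resolves a name against is what ends up on the host. The following is an added example, not code from the deck or from Microsoft, showing how a practitioner pins a module to one version from a curated feed and, on every deployment, refuses it unless it still matches a signed file catalog recorded when that version was vetted. The feed URL, module name and version, paths and the presence of a code-signing certificate in the user's store are assumptions; New-FileCatalog and Test-FileCatalog need WMF 5.1 or later.

```powershell
# Added example, not from the deck: pin a module to one version from an internal feed
# and verify it against a signed catalog before installing. Feed URL, module, paths
# and the code-signing certificate are assumptions.
Get-PackageProvider -ListAvailable | Select-Object Name, Version   # e.g. PowerShellGet and NuGet

# A curated internal repository instead of the public gallery. InstallationPolicy 'Trusted'
# only suppresses the confirmation prompt; it verifies nothing, hence the checks below.
Register-PSRepository -Name 'InternalGallery' `
    -SourceLocation 'https://nuget.corp.example/api/v2' `
    -InstallationPolicy Trusted

function Save-PinnedModule {
    param(
        [Parameter(Mandatory)] [string] $Name,
        [Parameter(Mandatory)] [string] $RequiredVersion,
        [Parameter(Mandatory)] [string] $Path
    )
    # -RequiredVersion pins the exact build. Without it PowerShellGet resolves the newest
    # version on the feed, which is how a hijacked or typo-squatted release gets pulled in.
    Save-Module -Name $Name -RequiredVersion $RequiredVersion -Repository 'InternalGallery' -Path $Path -Force
    return (Join-Path $Path "$Name\$RequiredVersion")
}

$name = 'xPSDesiredStateConfiguration'; $version = '3.12.0.0'

# 1. Vetting, done once by the reviewing team: catalog every file of the reviewed copy
#    (New-FileCatalog hashes all of them) and sign the catalog with the team's code-signing key.
$vetted  = Save-PinnedModule -Name $name -RequiredVersion $version -Path 'C:\Vetting'
$catalog = "C:\Vetting\$name-$version.cat"
New-FileCatalog -Path $vetted -CatalogFilePath $catalog -CatalogVersion 2 | Out-Null
$signer  = Get-ChildItem Cert:\CurrentUser\My -CodeSigningCert | Select-Object -First 1
Set-AuthenticodeSignature -FilePath $catalog -Certificate $signer | Out-Null

# 2. Deployment, on every host: fetch the same pinned version again and accept it only if
#    the catalog signature is intact and every file hash still matches.
$staged = Save-PinnedModule -Name $name -RequiredVersion $version -Path (Join-Path $env:TEMP 'ModuleStaging')
if ((Get-AuthenticodeSignature -FilePath $catalog).Status -ne 'Valid') {
    throw "Catalog $catalog is unsigned or has been tampered with"
}
$check = Test-FileCatalog -Path $staged -CatalogFilePath $catalog -Detailed
if ($check.Status -ne 'Valid') {
    throw "$name $version no longer matches the vetted catalog (status: $($check.Status))"
}
$dest = Join-Path $env:ProgramFiles "WindowsPowerShell\Modules\$name\$version"
Copy-Item -Path $staged -Destination $dest -Recurse -Force
```

The catalog check catches a file added, removed or altered between vetting and deployment even when the feed itself is the thing that was compromised; pinning alone only protects against silently picking up a newer release.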
Azure inspired Windows Server 2016 Software Defined Datacenter
Cost effective | Flexible | Reliable | Secure | Agile | Leading price/performance | System Center managed | Validated partner hardware
• Compute: virtualize anything with Hyper-V; from hyper converged to hyper scale; most secure, resilient and always available
• Network: deploy fast and take control with SDN fabric; enhance network security with dynamic microsegmentation; reduce cost with converged RDMA and cloud optimized appliances
• Storage: price/performance storage for ALL; low cost DR with Storage Replica; datacenter wide Storage QoS; scalable, resilient and always available
Software Defined validated on a range of partner hardware. Hyper-converged to converged scale.
Security: Shielded VMs, Credential Guard, Device Guard and more
Software delivery challenges
Traditional on-premises workflow: work order → doc → "dependency not found" → work order → doc → DISASTER
DevOps with Azure and Azure Stack
• fewer errors
• software delivers more value to end users
• all apps leverage a DevOps workflow
Demonstration of a CI/CD pipeline
Microsoft’s hybrid cloud platform
Microsoft Azure (Public)
• Cloud-inspired infrastructure: Azure IaaS (Compute | Network | Storage) | Azure PaaS (App Service | Service Fabric*)
• Azure Resource Manager
• Portal | PowerShell | DevOps tools
Microsoft Azure Stack (Private | Hosted)
• Cloud infrastructure: IaaS | PaaS
• Azure Resource Manager
• Portal | PowerShell | DevOps tools
Azure services in your datacenter; unified app development for developers and IT; one Azure ecosystem
Power of Azure in your datacenter
Azure Stack Extensible Architecture
Azure Stack software, bottom to top:
• Cloud Infrastructure
• Foundational Services
• Core Services: Subscriptions | RBAC | Marketplace | Metrics | Usage
• Unified Application Model: Azure Resource Manager
• End User Experiences: Azure Portal | Developer Tools (MSFT & Open Source)
Extensible Service Framework: Additional Platform Services and Guest Workload Resources (IaaS + PaaS) such as Virtual Machines (Linux or Windows), Websites (.NET, PHP, Python …), Virtual Networks, Service Fabric Clusters, Storage Blobs
Marketplace: from Microsoft and from 3rd parties
Hybrid scenarios
Drivers: Disconnected | Regulations (ISO<..>) | Performance | Security | Data sovereignty | Latency
Azure Stack hybrid topology ideas…
• Adjacent
• Single Service Low-Latency
• Hosted Public and Hybrid Cloud
• Central IT
• Compliant Azure solutions
Envisioning hybrid solutions with Azure and Azure Stack
Azure IaaS: Virtual Machines (incl. container extensions) | Storage (Blobs, Tables, Queues) | Networking (Virtual Network, Load Balancer, VPN Gateway)
Azure PaaS: Web Apps | Mobile Apps | API Apps | Service Fabric*
Management, Security and Identity/Access: Azure Portal | Key Vault | Azure AD & ADFS integration
Legend: * = in preview at Azure Stack GA
Azure Stack Integrated System
Rack (diagram): BMC switch, two ToR switches
Integrated system lifecycle areas: architecture, hardware and topology; security and privacy; deployment, configuration, provisioning; validation; monitoring, diagnostics; business continuity; patching and updating; field replacement of parts
Azure Stack: Thinking about scale
• One Cloud “endpoint” (Portal URL)
• Several Regions
• Multiple scale units (SU) per region
• each scale unit can be different generation hardware
• Scale unit = fault domain = failover cluster
• Smallest scale unit = 4 servers
• Scale = #servers per SU x #SU’s per regions x #regions
(Map: example regions Singapore, Denver and Dublin, each with several scale units (2 or 3 per region on the slide), all behind one Portal/ARM resource management endpoint.)
Integration in your datacenter
• Network: the rack's ToR switches and BMC switch connect to the datacenter aggregate switches and border device
• Space, power & cooling
• Identity integration (tenant & cloud admin)
• Datacenter monitoring/ticketing/hardware monitoring
Entry points: Azure Portal (UX) | Templates/PowerShell/CLI, SDK, etc.
ARM LAYER: Azure Resource Manager (ARM)
RP LAYER: Partition Request Broker; SRP | NRP | CRP (storage, network and compute resource providers) | …
INFRASTRUCTURE CONTROL LAYER: Compute Controller | Storage Controller | Network Controller | Infra Role Controller | Health Controller
HARDWARE LAYER: Physical node management
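Everything above the ARM layer is what the deck means by "the same ARM, portal and PowerShell" in both clouds: a template is submitted to an ARM endpoint, and the resource providers behind that endpoint decide what they implement. The following added example (not code from the deck or from Microsoft) deploys one template, a network security group with an explicit allow and an explicit deny rule, to either Azure or an Azure Stack region, changing only the environment the Az modules are pointed at. The Azure Stack ARM URL, tenant name, resource group, address range and the Microsoft.Network API version are assumptions; the API version in particular must be one the target's network resource provider supports, which is why the template is validated against the target before it is deployed.

```powershell
# Added example, not from the deck: one ARM template, deployed to Azure or to Azure Stack
# by switching the environment. ARM endpoint, tenant, names, ranges and the API version
# are assumptions.
param([ValidateSet('AzureCloud', 'AzureStackUser')] [string] $Target = 'AzureStackUser')

if ($Target -eq 'AzureStackUser') {
    # Register the Azure Stack cloud once; the other endpoints are discovered from ARM metadata.
    if (-not (Get-AzEnvironment -Name 'AzureStackUser' -ErrorAction SilentlyContinue)) {
        Add-AzEnvironment -Name 'AzureStackUser' -ArmEndpoint 'https://management.local.azurestack.external' | Out-Null
    }
}
Connect-AzAccount -Environment $Target -Tenant 'contoso.onmicrosoft.com' | Out-Null
$location = (Get-AzLocation | Select-Object -First 1).Location   # on Azure Stack: the region(s) of this deployment

# Minimal template: an NSG that admits HTTPS only from a management range and explicitly
# denies RDP from the Internet, so the intent is visible in the template, not implied by defaults.
$template = @{
    '$schema'      = 'https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#'
    contentVersion = '1.0.0.0'
    parameters     = @{
        nsgName       = @{ type = 'string' }
        allowedSource = @{ type = 'string' }
    }
    resources      = @(
        @{
            type       = 'Microsoft.Network/networkSecurityGroups'
            apiVersion = '2017-10-01'   # assumption: a version offered by both Azure and the Azure Stack network RP
            name       = "[parameters('nsgName')]"
            location   = "[resourceGroup().location]"
            properties = @{
                securityRules = @(
                    @{ name = 'allow-https-from-mgmt'; properties = @{
                        priority = 100; direction = 'Inbound'; access = 'Allow'; protocol = 'Tcp'
                        sourceAddressPrefix = "[parameters('allowedSource')]"; sourcePortRange = '*'
                        destinationAddressPrefix = '*'; destinationPortRange = '443' } },
                    @{ name = 'deny-rdp-from-internet'; properties = @{
                        priority = 200; direction = 'Inbound'; access = 'Deny'; protocol = 'Tcp'
                        sourceAddressPrefix = 'Internet'; sourcePortRange = '*'
                        destinationAddressPrefix = '*'; destinationPortRange = '3389' } }
                )
            }
        }
    )
}
$params = @{ nsgName = 'nsg-web'; allowedSource = '10.0.0.0/24' }

New-AzResourceGroup -Name 'rg-hybrid-demo' -Location $location -Force | Out-Null

# Validate against the target's ARM first. An API version or property that this cloud's
# resource provider does not implement is reported here, before anything is created.
$problems = Test-AzResourceGroupDeployment -ResourceGroupName 'rg-hybrid-demo' `
    -TemplateObject $template -TemplateParameterObject $params
if ($problems) { throw ($problems | ForEach-Object Message | Out-String) }

New-AzResourceGroupDeployment -Name 'nsg-baseline' -ResourceGroupName 'rg-hybrid-demo' -Mode Incremental `
    -TemplateObject $template -TemplateParameterObject $params | Select-Object ProvisioningState, Timestamp
```

Run it with -Target AzureCloud against a public subscription and with the default against the Azure Stack endpoint; the template, parameters and cmdlets do not change, only the environment does.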
Peek into a scale unit (diagram): two ToR switches, a BMC switch, and the infrastructure management roles
Azure Stack: Patching & Update
• Pre-validated updates for software and firmware by Microsoft and partners
• Rapid cadence of delivery; the customer chooses when to apply
• Automated application of updates across the entire infrastructure, designed not to disrupt tenant workloads
Azure Stack: Backup and Disaster Recovery
• Infrastructure (admin space): backup to an external file share / on-premises backup target
• Tenant space (IaaS | PaaS): cloud backup service, Azure Site Recovery, LRS blob replica, blob snapshots
Azure Stack: Security Principles
• Assume breach: constrained admin; least privilege, RBAC; Just Enough Administration; application whitelisting; network whitelisting; customized auditing
• Hardened by default: data at rest encryption; security OS baseline; disabled legacy protocols (e.g. NTLM); customized AV configurations
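"Constrained admin" and "Just Enough Administration" are listed above (and JEA again among the WS2016 Hyper-V security features); the following added example, not from the deck or from Microsoft, shows what a JEA endpoint actually consists of: a role capability file that whitelists commands and their arguments, and a session configuration that runs them under a temporary virtual account with transcription. The domain group CONTOSO\HelpDesk, the service names, the module name and the transcript path are assumptions, and the host is assumed to be domain joined.

```powershell
# Added example, not from the deck: a Just Enough Administration endpoint that lets a
# helpdesk group restart two named services and read event logs, and nothing else.
# Group, service names, module name and paths are assumptions.
$moduleName = 'JeaServiceOps'
$modulePath = Join-Path $env:ProgramFiles "WindowsPowerShell\Modules\$moduleName"
$rcPath     = Join-Path $modulePath 'RoleCapabilities'
New-Item -ItemType Directory -Path $rcPath -Force | Out-Null
New-ModuleManifest -Path (Join-Path $modulePath "$moduleName.psd1")

# Role capability = whitelist of what the role may run. ValidateSet constrains the
# argument as well, so the role can restart Spooler or W3SVC but not WinRM or '*'.
New-PSRoleCapabilityFile -Path (Join-Path $rcPath 'ServiceOperator.psrc') `
    -VisibleCmdlets @(
        @{ Name = 'Restart-Service'; Parameters = @{ Name = 'Name'; ValidateSet = 'Spooler', 'W3SVC' } },
        @{ Name = 'Get-Service';     Parameters = @{ Name = 'Name' } },
        'Get-WinEvent'
    )

# Session configuration: RestrictedRemoteServer hides everything not listed above; the
# virtual account holds local admin rights only for the lifetime of the session, so there
# is no standing admin credential on the box to steal; every session is transcribed.
$transcripts = 'C:\JeaTranscripts'
New-Item -ItemType Directory -Path $transcripts -Force | Out-Null
$pssc = Join-Path $env:TEMP 'ServiceOps.pssc'
New-PSSessionConfigurationFile -Path $pssc `
    -SessionType RestrictedRemoteServer `
    -RunAsVirtualAccount `
    -TranscriptDirectory $transcripts `
    -RoleDefinitions @{ 'CONTOSO\HelpDesk' = @{ RoleCapabilities = 'ServiceOperator' } }

if (-not (Test-PSSessionConfigurationFile -Path $pssc)) { throw "Invalid session configuration file: $pssc" }
Register-PSSessionConfiguration -Name 'ServiceOps' -Path $pssc -Force | Out-Null

# Review what a member of the group will actually be able to run on this endpoint
# before handing it out; this is the least-privilege check, done on the server side.
Get-PSSessionCapability -ConfigurationName 'ServiceOps' -Username 'CONTOSO\helpdesk01' |
    Select-Object Name, CommandType
```

A helpdesk user then connects with Enter-PSSession -ComputerName host01 -ConfigurationName ServiceOps instead of an unconstrained admin session: Restart-Service -Name Spooler is accepted, Restart-Service -Name WinRM fails the ValidateSet, and commands outside the whitelist are not visible at all. Pair the endpoint with the auditing bullet above by forwarding the transcript directory to your log collector.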
Timelines
Milestones on the slide: Jan '16, Feb '16, Sept '16 (TP2), TBA (TP3), mid-CY17 (GA)
• Azure Stack POC (1-node): the Technical Previews, released publicly
• Azure Stack integrated systems (multi-node): GA in mid-CY17
(Legend: Public vs Private releases)
Each Technical Preview (TP) will include "foundational" Azure services such as Compute, Networking, Storage. In between TPs, we will release incremental updates with new customer scenarios.
I want to start right now!
Azure Stack PoC installation service
• Existing or new hardware
• Installation of 1 single-server Azure Stack Technical Preview 2
• Integration in your environment
• Training on Azure Stack usage: Azure Resource Manager, Desired State Configuration, Containers, etc…